package com.zh.user.controller;

import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * @Description:
 * @ClassName UserController
 * @date: 2021.04.12 15:43
 * @Author: zhanghang
 */
@RestController
@RequestMapping("/sys/user")
public class UserController {

    @GetMapping("/add")
    public String addStudent() {
        return "/user/add";
    }
    @RequestMapping("/update")
    @RequiresRoles("user")  //这个注解表示：该方法需要admin这个角色才能访问
//    @RequiresPermissions(value = {"user:update"}) // 这个注解表示：该方法需要user:update这个权限才能访问
    public String updateStudent() {
        return "/user/update";
    }
    @RequestMapping("/delete")
    public String deleteStudent() {
        return "/user/delete";
    }
    @RequestMapping("/find")
    public String findStudent() {
        return "/user/find";
    }
}
